The key must be in PKCS-1 PEM format.
You need the certificate and the private key as well.
Encrypted private keys are not supported.
The attributes of the POST message that contain the certificate and the private key must be a single line, enclosed in double-quotes.
Replace line-breaks in the PEM certificate with \n
The certificate and the certificate chain must be valid, SPS will reject invalid certificates and invalid certificate chains.